Hello David, > CVE-2008-4325[0]: > | lib/viewvc.py in ViewVC 1.0.5 uses the content-type parameter in the > | HTTP request for the Content-Type header in the HTTP response, which > | allows remote attackers to cause content to be misinterpreted by the > | browser via a content-type parameter that is inconsistent with the > | requested object. NOTE: this issue might not be a vulnerability, since > | it requires attacker access to the repository that is being viewed.
Can you tell if you intend to fix this security issue? -- Sylvain -- To UNSUBSCRIBE, email to debian-bugs-dist-requ...@lists.debian.org with a subject of "unsubscribe". Trouble? Contact listmas...@lists.debian.org
